
Re: MD5 vs. SHA-1, Selection Criteria



In message <31A4E010.3BA9@cylink.com>, you write:
>My position is that MD5 should be immediately abandoned for use in ANY mode.
>MD5 is a cryptographic algorithm the strength of which is in serious dispute.
>It should be removed from consideration by IETF and other standards
>committees for use in any form.

	Then I trust you'd be happy to do a quick demonstration and hijack
an AH HMAC-MD5 protected TCP connection?

	Until you can show me that, I believe that MD5 has value. The value is
that random people cannot defeat it. Maybe major governments can. When it comes
to MY traffic, *I* want to be able to make the trade-off between security and
performance.

	I strongly oppose any efforts to completely scrap HMAC-MD5 because
it's taking away a legitimate and reasonable choice for the end user.

>I also think that implementors should re-examine the cost to move to SHA-1
>versus the cost of retaining a hash function that probably has a limited
>lifetime.

	The flaw in this line of thinking should be obvious.

								-Craig

